exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

OTRS Install Dialog Disclosure
Posted Jun 8, 2017
Authored by Sebastian Auwarter | Site syss.de

Due to insufficient checking of privileges, it is possible to access the OTRS Install dialog of an already installed instance, which enables an authenticated attacker to change the database settings, superuser password, mail server settings, log file location and other parameters. Versions affected include OTRS 5.0.x, OTRS 4.0.x, and OTRS 3.3.x.

tags | exploit
advisories | CVE-2017-9324
SHA-256 | 21f3598970b7ae6cfb31cada4cccc9ed918166bc63d7eb4d159c64b23c2c0334

Related Files

Zero Day Initiative Advisory 12-090
Posted Jun 9, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-090 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficiently filtered user-supplied data used in a call to exec() in multiple script pages. The affected scripts are located in '/spywall/ipchange.php' and 'network.php'. There is also a flaw in '/spywall/download_file.php' that allows unauthenticated users to download and delete any file on the server.

tags | advisory, remote, web, arbitrary, php
advisories | CVE-2012-0297
SHA-256 | 27dcc990753c286009309447bb9c72ba6733589421579106d30bc8c69f3a95ef
CA ARCserve Backup Denial Of Service
Posted Mar 21, 2012
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA ARCserve Backup for Windows. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. CA Technologies has issued fixes to address the vulnerability. The vulnerability occurs due to insufficient validation of certain network requests. An attacker can potentially use the vulnerability to disable network services.

tags | advisory, remote, denial of service
systems | windows
advisories | CVE-2012-1662
SHA-256 | f6cc7aa2a2c098a2e8ed419d61aa4d65e98cc20b7bdc4c73e4cfe07ba7fc117b
Zero Day Initiative Advisory 12-039
Posted Feb 23, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-039 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java Webstart handles the 'java-vm-args' parameter in the j2se tag within a jnlp file. Due to insufficient sanitation it is possible to add additional double quotes to the commandline argument string used to start a new java process. This can lead to remote code execution under the rights of the current user.

tags | advisory, java, remote, arbitrary, code execution
SHA-256 | d94a0659bb3d5751620c9a917bb3a7a6afb99e1f7b7888ddcbff44a739da4dbd
CA SiteMinder Cross Site Scripting
Posted Dec 9, 2011
Authored by Ken Williams | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk in CA SiteMinder. A vulnerability exists that can allow a malicious user to execute a reflected cross site scripting (XSS) attack. CA Technologies has issued patches to address the vulnerability. The vulnerability occurs due to insufficient validation of postpreservationdata parameter input utilized in the login.fcc form. A malicious user can submit a specially crafted request to effectively hijack a victim’s browser.

tags | advisory, xss
advisories | CVE-2011-4054
SHA-256 | 5f7582e4c67739253ed079afcbce2912fb91b1a5d275896bcb931df277369cf8
CA Directory Insufficient Bounds Checking
Posted Nov 17, 2011
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA Directory. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. Remediation is available to address the vulnerability. The vulnerability occurs due to insufficient bounds checking. A remote attacker can send a SNMP packet that can cause a crash.

tags | advisory, remote, denial of service
advisories | CVE-2011-3849
SHA-256 | 2504afdbecc5337cc2f3bedfcdb2f35357e06e9213344c8bb32f8190347818d5
Zero Day Initiative Advisory 11-306
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-306 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java handles IIOP deserialization. Due to insufficient type checking it is possible to trick java into allowing access to otherwise protected and private fields in built-in objects. This could be used, for example, to disable to security manager normally in place for applets. This leads to remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2011-3521
SHA-256 | 361a262ae72479a4afab85c66c4c74c4946348a51ecd9466a86252761ade0d32
Zero Day Initiative Advisory 11-299
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-299 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe 2D.x3d PICT image parsing routines. When Adobe Reader parses an PICT image it uses a static buffer to store certain image header values. Due to insufficient checks for the end of the buffer it is possible to write outside the stack buffer. The resulting stack overflow could result in remote code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-2435
SHA-256 | 5dc9c58b3cea78921a78163458edd743c68322a03eaccfabc9a632cc1d2e2788
CA Gateway Security And Total Defense Memory Overwrite
Posted Jul 21, 2011
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a security risk with CA Gateway Security. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued an update that resolves the vulnerability. The vulnerability occurs due to insufficient bounds checking that can result in a memory overwrite on the heap. By sending a malformed request, an attacker can overwrite a sensitive portion of heap memory, which can potentially result in server compromise.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2667
SHA-256 | 129765a243cc9461d666229b218c140b7dd2b2170b92ae5385206f75be6ce569
Zero Day Initiative Advisory 11-192
Posted Jun 9, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-192 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java webstart parses certain properties from the jnlp file. Due to insufficient quote escaping it is possible to supply additional command line parameters to the java process. By crafting such parameters, an attacker can execute remote code under the context of the user running the process.

tags | advisory, java, remote, arbitrary
advisories | CVE-2011-0863
SHA-256 | a404173fec0adb72b54fdaa57ab9e6ee4ac25a73fd950400775c364b24259cc3
CA eHealth Cross Site Scripting
Posted May 11, 2011
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a security risk with CA eHealth. A vulnerability exists that may potentially allow an attacker to compromise web user security. The vulnerability occurs due to insufficient validation of sent request parameters. An attacker, who can convince a user to follow a carefully constructed link or view a malicious web page, can conduct various cross-site scripting attacks. Versions 6.0.x, 6.1.x, 6.2.1, and 6.2.2 are affected.

tags | advisory, web, xss
advisories | CVE-2011-1899
SHA-256 | 59491a8e54f0e3980dff181e854aac91f5f99b5bc0eb81ce1a280219f8dbd3da
CA Arcot WebFort Versatile Authentication Server XSS / URL Redirection
Posted Apr 27, 2011
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist that can allow a remote attacker to potentially compromise web user security. The first set of vulnerabilities occur due to insufficient handling of request parameters sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can potentially conduct cross-site scripting attacks. The second vulnerability occurs due to insufficient filtering of a request parameter sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can use redirection to potentially carry out additional web based attacks.

tags | advisory, remote, web, vulnerability, xss
advisories | CVE-2011-1826, CVE-2011-1825
SHA-256 | b7f2426e298629c164af95d01b3886396dbdea3a03957d1a67ef5c0aac369b16
CA Total Defense SQL Injection / Shell Upload
Posted Apr 14, 2011
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to security risks with CA Total Defense. Multiple vulnerabilities exist that can allow a remote attacker to possibly execute arbitrary code. CA issued an automatic update to address the vulnerabilities. The first set of vulnerabilities are due to insufficient handling of certain request parameters. A remote attacker can use various SQL injection attacks to potentially compromise the Unified Network Control (UNC) Server. The second vulnerability occurs due to insufficient handling of file upload parameters. A remote attacker can upload a file and use it to execute arbitrary code on the Total Defense Management Server. The third vulnerability is due to insufficient protection of sensitive information. A remote attack can acquire account credentials and take privileged action on the Unified Network Control (UNC) Server.

tags | advisory, remote, arbitrary, vulnerability, sql injection, file upload
advisories | CVE-2011-1653, CVE-2011-1654, CVE-2011-1655
SHA-256 | 9697f3a718cfbc9df64ba14c7c65ce50a6f140e9f9064d6822691eb7e5a4adcc
Libmodplug 0.8.8.1 ReadS3M Stack Overflow
Posted Apr 7, 2011
Authored by M. Lucinskij, P. Tumenas | Site sec-consult.com

Libmodplug library is prone to a stack based buffer overflow vulnerability due to insufficient validation of user supplied data. An attacker is able to execute arbitrary code in the context of the user when opening malicious S3M media files. Version 0.8.8.1 is affected.

tags | advisory, overflow, arbitrary
SHA-256 | 3b492361b42a31322dd539245a7c64c4f1cbf45a7f989edecf307ed261a181bd
Zero Day Initiative Advisory 11-083
Posted Feb 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-083 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system clipboard hijacking. When in focus, a handle to the system clipboard can be retrieved without user interaction by a malicious component. The clipboard can then be arbitrarily read from or written to. By writing a TransferableProxy object to the system clipboard and then forcing a paste action, arbitrary code can be executed under the context of the user invoking the JRE.

tags | advisory, java, remote, arbitrary
advisories | CVE-2010-4465
SHA-256 | 4c46b3ec192f1d813df40166389dd74826a1e212deec18e5d0c463478a0543f9
OpenVAS Security Advisory OVSA20110118
Posted Jan 26, 2011
Authored by Tim Brown at OpenVAS

It has been identified that OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified that this vulnerability allows privilege escalation within the OpenVAS Manager but more complex injection may allow arbitrary code to be executed with the privileges of the OpenVAS Manager on vulnerable systems.

tags | advisory, arbitrary
advisories | CVE-2011-0018
SHA-256 | 465e38dd18df584bf3d5f7eda261e4615381784ac40a6d293ea96a4cc69f27a3
Zero Day Initiative Advisory 10-287
Posted Dec 15, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-287 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Sharepoint Server utilizing Microsoft's Office Document Load Balancer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Office Document Conversions Launcher service and occurs due to insufficient parameter validation on a particular SOAP request. Successful exploitation will allow an attacker to upload and execute an arbitrary file on the target server.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3964
SHA-256 | 322eede1474adc2826f89bd0a74b567d46dfc161c36ec6602672c779b8c0671e
CA Technologies Remote Code Execution
Posted Dec 9, 2010
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a security risk with CA XOsoft. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued a patch to address the vulnerability for each affected release. The vulnerability is due to insufficient bounds checking with a SOAP request. A remote attacker can make a SOAP request to cause a buffer overflow and potentially compromise the system.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-3984
SHA-256 | 9d039f55b21c958375378d4ba47477b52c27a168b01375bd467fcfa9414e7265
Adobe Shockwave Director pamm Chunk Memory Corruption
Posted Oct 29, 2010
Authored by TELUS Security Labs | Site telussecuritylabs.com

A memory corruption vulnerability exists in Adobe Shockwave Player while parsing crafted Adobe Director files (.dir or .dcr), that may lead to arbitrary code execution. The vulnerability is due to insufficient validation of certain fields while parsing 'pamm' chunk data. An attacker can leverage this vulnerability to write data to an attacker-controlled memory location. Successful exploitation could allow for the execution of arbitrary code within the security context of a target user. Adobe Shockwave Player versions 11.5.8.612 and 11.5.7.609 are affected.

tags | advisory, arbitrary, code execution
advisories | CVE-2010-4084
SHA-256 | 52321373bf2a0653fb086d290321ba798dc5e0c8bffe3c1b5a613be0afe0213f
Mandriva Linux Security Advisory 2010-208
Posted Oct 22, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-208 - It has been discovered that eight denial of service conditions exist in libpurple all due to insufficient validation of the return value from purple_base64_decode(). Invalid or malformed data received in place of a valid base64-encoded value in portions of the Yahoo!, MSN, MySpaceIM, and XMPP protocol plugins and the NTLM authentication support trigger a crash. These vulnerabilities can be leveraged by a remote user for denial of service.

tags | advisory, remote, denial of service, vulnerability, protocol
systems | linux, mandriva
advisories | CVE-2010-3711
SHA-256 | 2dcc45f1140e070e5166be26b8d3ee85ca8334858f66c04bf67550e965a60fef
iDEFENSE Security Advisory 2010-06-21.1
Posted Jun 29, 2010
Authored by iDefense Labs, Dan Rosenberg | Site idefense.com

iDefense Security Advisory 06.21.10 - Remote exploitation of a stack buffer overflow vulnerability in version 3.9.2 of LibTIFF, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability is due to insufficient bounds checking when copying data into a stack allocated buffer. During the processing of a certain EXIF tag a fixed sized stack buffer is used as a destination location for a memory copy. This memory copy can cause the bounds of a stack buffer to be overflown and this condition may lead to arbitrary code execution. iDefense has confirmed the existence of this vulnerability in version 3.9.2 of libTIFF. Previous versions are not affected.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2010-2067
SHA-256 | 014d43587d44901b7350126457fa46e3ddd7be36fcae7a02d6977373e2a71713
Microsoft Excel Record Parsing Input Validation
Posted Jun 9, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to insufficient input validation when parsing a certain record type. This may lead to a variety of errors, including corruption of data on the stack. Successful exploitation may allow execution of arbitrary code. Microsoft Excel 2002 is affected.

tags | advisory, arbitrary
advisories | CVE-2010-1251
SHA-256 | 3317b05f07d3375ba69a0a88550df747e13c68c010f5503c80c416ee969ba63a
VMware Security Advisory 2010-0005
Posted Mar 31, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - A cross-site scripting vulnerability in WebAccess allows for disclosure of sensitive information. The flaw is due to insufficient verification of certain parameters which may lead to redirection of a user's requests. This vulnerability can only be exploited if the attacker tricks the WebAccess user into clicking a malicious link and the attacker has control of a server on the same network as the system where WebAccess is being used.

tags | advisory, xss
advisories | CVE-2009-2277, CVE-2010-1137, CVE-2010-0686
SHA-256 | 85919e5b4cda7ee681c52ebaf6b744efd4562b046b0744f8b117c70cc911302f
Debian Linux Security Advisory 2009-1
Posted Mar 10, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2009-1 - It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insufficient input sanitizing in the TrackBack transmission plugin.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2010-0726
SHA-256 | cdca26ab67f9ac1397b3b3bac93f82b4d5e9f6681824ba915f69fb788823a63a
Zero Day Initiative Advisory 10-03
Posted Jan 21, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Asset Management. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficient sanity checks on the documentID parameter to the docfiledownload component. A carefully crafted parameter can result in direct SQL access to the underlying SQL Server database which can be further leveraged by an attacker to potentially execute arbitrary code.

tags | advisory, remote, arbitrary
SHA-256 | dbed8d04e273771933d3b4da838a3a601689977a848150c4023cb76a10ddc0a5
Alt-N SecurityGateway username Buffer Overflow
Posted Dec 31, 2009
Authored by jduck | Site metasploit.com

Alt-N SecurityGateway is prone to a buffer overflow condition. This is due to insufficient bounds checking on the "username" parameter. Successful exploitation could result in code execution with SYSTEM level privileges. NOTE: This service doesn't restart, you'll only get one shot. However, it often survives a successful exploitation attempt.

tags | exploit, overflow, code execution
advisories | CVE-2008-4193
SHA-256 | ff81f757d0ee734b80216662fed47c56e6a92afa7502822354ef61533ab501d3
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close